This allows autopart (of LVM) to set up encrypted PVs to be used and adds
the UI for enabling that in graphical mode.
It's a little bit hacky as we rely on the fact request.encryption is set
and has a passphrase for this to work
---
autopart.py | 11 +++++++++++
cryptodev.py | 2 ++
fsset.py | 2 +-
iw/autopart_type.py | 12 ++++++++++++
partitions.py | 3 +++
ui/autopart.glade | 19 +++++++++++++++++++
6 files changed, 48 insertions(+), 1 deletions(-)
diff --git a/autopart.py b/autopart.py
index 899de6f..ea33c35 100644
--- a/autopart.py
+++ b/autopart.py
@@ -21,6 +21,7 @@ import lvm
import logging
import rhpl
from anaconda_log import logger, logFile
+import cryptodev
import partedUtils
import partRequests
from constants import *
@@ -1411,6 +1412,14 @@ def doAutoPartition(anaconda):
if req.type == REQUEST_NEW and not req.drive:
req.drive = drives
+
+ # this is kind of a hack, but if we're doing autopart encryption
+ # and the request has a crypto dev, but no passphrase, then set
+ # the passphrase to the global one
+ if partitions.autoEncrypt and req.encryption is not None and \
+ req.encryption.passphrase == "":
+ req.encryption.setPassphrase(partitions.autoEncryptPass)
+
# if this is a multidrive request, we need to create one per drive
if req.type == REQUEST_NEW and req.multidrive:
if not req.drive:
@@ -1627,6 +1636,8 @@ def autoCreateLVMPartitionRequests(autoreq):
grow = 1,
format = 1,
multidrive = 1)
+
+ nr.encryption = cryptodev.LUKSDevice(passphrase="", format=1)
requests.append(nr)
nr = partRequests.VolumeGroupRequestSpec(fstype = None,
vgname = "lvm",
diff --git a/cryptodev.py b/cryptodev.py
index 0b6967b..2b9fb71 100644
--- a/cryptodev.py
+++ b/cryptodev.py
@@ -36,6 +36,8 @@ class LUKSDevice:
def getScheme(self):
"""Returns the name of the encryption scheme used by the device."""
+ if self.passphrase == "":
+ return None
return self.scheme
def setDevice(self, device):
diff --git a/fsset.py b/fsset.py
index 180922f..5e61ef5 100644
--- a/fsset.py
+++ b/fsset.py
@@ -2170,7 +2170,7 @@ class Device:
self.isSetup = 0
self.doLabel = 1
self.deviceOptions = ""
- if encryption:
+ if encryption and encryption.getScheme():
self.crypto = encryption
if device not in ("none", None):
self.crypto.setDevice(device)
diff --git a/iw/autopart_type.py b/iw/autopart_type.py
index 3e20977..0802dfb 100644
--- a/iw/autopart_type.py
+++ b/iw/autopart_type.py
@@ -49,6 +49,16 @@ class PartitionTypeWindow(InstallWindow):
self.dispatch.skipStep("bootloader", skip = 0)
else:
self.dispatch.skipStep("autopartitionexecute", skip = 0)
+
+ if self.xml.get_widget("encryptButton").get_active():
+ thepass = self.intf.getLuksPassphrase(self.partitions.autoEncryptPass)
+ if not thepass:
+ raise gui.StayOnScreen
+ self.partitions.autoEncryptPass = thepass
+ self.partitions.autoEncrypt = True
+ else:
+ self.partitions.autoEncryptPass = ""
+ self.partitions.autoEncrypt = False
self.partitions.useAutopartitioning = 1
self.partitions.autoClearPartType = val
@@ -109,6 +119,7 @@ class PartitionTypeWindow(InstallWindow):
self.xml.get_widget("reviewButton").set_sensitive(False)
self.xml.get_widget("driveScroll").set_sensitive(False)
self.xml.get_widget("bootDriveCombo").set_sensitive(False)
+ self.xml.get_widget("encryptButton").set_sensitive(False)
else:
if self.prevrev == None:
self.xml.get_widget("reviewButton").set_active(self.review)
@@ -119,6 +130,7 @@ class PartitionTypeWindow(InstallWindow):
self.xml.get_widget("reviewButton").set_sensitive(True)
self.xml.get_widget("driveScroll").set_sensitive(True)
self.xml.get_widget("bootDriveCombo").set_sensitive(True)
+ self.xml.get_widget("encryptButton").set_sensitive(True)
def addIscsiDrive(self):
if not network.hasActiveNetDev():
diff --git a/partitions.py b/partitions.py
index fb77e1e..51a35b7 100644
--- a/partitions.py
+++ b/partitions.py
@@ -153,6 +153,9 @@ class Partitions:
drive or livecd installs. Partitions on this list may not be
formatted."""
+ self.autoEncrypt = False
+ self.autoEncryptPass = ""
+
# partition method to be used. not to be touched externally
self.useAutopartitioning = 1
self.useFdisk = 0
diff --git a/ui/autopart.glade b/ui/autopart.glade
index fb75259..1669227 100644
--- a/ui/autopart.glade
+++ b/ui/autopart.glade
@@ -80,6 +80,25 @@
</child>
<child>
+ <widget class="GtkCheckButton" id="encryptButton">
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="label" translatable="yes">_Encrypt system</property>
+ <property name="use_underline">True</property>
+ <property name="relief">GTK_RELIEF_NORMAL</property>
+ <property name="focus_on_click">True</property>
+ <property name="active">True</property>
+ <property name="inconsistent">False</property>
+ <property name="draw_indicator">True</property>
+ </widget>
+ <packing>
+ <property name="padding">0</property>
+ <property name="expand">False</property>
+ <property name="fill">False</property>
+ </packing>
+ </child>
+
+ <child>
<widget class="GtkLabel" id="selectLabel">
<property name="label" translatable="yes" context="yes">_Select the drive(s) to use for this installation.</property>
<property name="use_underline">True</property>
--
1.5.3.7
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
